package com.beiding.authorization.wechat;


import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

public class WeChatAuthorizationFilter extends AbstractAuthenticationProcessingFilter{

    //拦截认证的uri
    public WeChatAuthorizationFilter() {
        super(new AntPathRequestMatcher("/weChatLogin", "POST", true));
    }


    //进行认证
    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, IOException, ServletException {

        String principal = request.getParameter("principal");
        String credentials = "credentials";

        WeChatAuthentication au = new WeChatAuthentication();

        au.setPrincipal(principal);

        au.setPrincipal(credentials);

        //由AuthenticationManager实际认证
        return getAuthenticationManager().authenticate(au);
    }

}
